A multi-tenant database or datastore system may have multiple subscribing tenants that access applications and/or data from a network source. Each tenant may, for example, be a merchant that owns a website or electronic store (e-store) maintained by the datastore system. The merchant may use the website to sell products, service, and/or information to customers. With a multi-tenant datastore system, the tenants may have an advantage in the fact that they do not need to install and maintain all hardware and software from the e-store. Rather, each tenant may only need a computing device with network connectivity, such as a desktop computer with Internet access and a web browser. With the computing device, the tenant may access the multi-tenant datastore to operate applications and/or data. Third party developers may also be involved to provide various third party applications to the datastore system. Since different parties including tenants, customers, and third party developers may share a common datastore, it is necessary to prevent unwarranted data/application accesses (e.g., one tenant from accessing data belonging to other tenants). Thus, it is desirable to develop secure and reliable data access schemes to accommodate service to multiple parties involved in the datastore system.